RubyGems - sinatra-rest-json - Versions diffs - 0.1 → 0.2 - Mend

sinatra-rest-json 0.1 → 0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml +4 -4
data/README.md +23 -5
data/lib/sinatra/rest_json.rb +47 -2
data/sinatra-rest-json.gemspec +1 -1
data/test/test_sinatra_rest_json.rb +68 -1
metadata +1 -2
data/lib/sinatra/rest-json.rb +0 -78

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: daf0fd1316a9beb76a91a4e42900046b18e45694
-  data.tar.gz: 7f3cacb357a23e1de9e11ab13d0087d0de1ab0f1
+  metadata.gz: c4081e93189dcd0b6bbc54a6b1ee169c5afc28a3
+  data.tar.gz: 3721f4624f2adb52b8e2ee6d797713bd8b0885f8
 SHA512:
-  metadata.gz: d04e344828d494ab5bff1befcaec243594b5c58c30254932b5dfea154f109b8ede48d48a4343bcab467c54a5ef8764fd483b378b46d8647f825b64ca271c5321
-  data.tar.gz: 244e427c9b11c64ce3dde86f91f7271470ad267c95f8e252f96640a4b9b868556bb2872becdef088b1719c1e7a4e0fa8ce26a24d0e38a49419c6b667b359d2cb
+  metadata.gz: f4daf6ec26cc4fed06a496d6f07def6366ad4e25f695d1308ad2c42228681a3647d1ecd575c127cc03c4f9d2634c7d9747e4add7ac16b526df3935507db0b705
+  data.tar.gz: 3c12b6468e34c69cc155483fd9d954a658e22480cb4c1b1976b6fbe3d5f0696683e90f17358901eb1c9047a72f90cfe70f901da1295b5604ebf1007352ad98da

data/README.md CHANGED

@@ -1,9 +1,9 @@
 # Easy REST JSON APIs for Sinatra & Active Record
-Getting started
+## Getting started
-## 1. Setup your Gemfile
+### 1. Setup your Gemfile
 ```ruby
 # Gemfile
@@ -15,7 +15,7 @@ gem "json"
 ```
-## 2. Setup your Sinatra App
+### 2. Setup your Sinatra App
 ```ruby
 require 'sinatra'
@@ -39,9 +39,9 @@ end
 # Set up your REST routes
 rest_json Product
 ```
-## 3. Profit
+### 3. Profit
-### Now your app automatically has the following routes which returns JSON data from your model:
+#### Now your app automatically has the following routes which returns JSON data from your model:
 - **GET** /products (all)
 - **GET** /products/:id (find)
@@ -55,3 +55,21 @@ rest_json Product
 *Note for POST/PUT operations the data parameters should be like so: { product: { name: "foo", price: 1 }}
+### 4. Authentication
+Basic support for authentication is provided like so:
+```ruby
+# inside your sinatra app
+rest_json Product, :authenticate => {
+  :all => lambda { true }, # allowed
+  :find => lambda { true }, #allowed
+  :create => lambda { false }, #not authorized
+  :update => lambda { false }, #not authorized
+  :delete => lambda { false }  #not authorized
+}
+```
+You can pass in any ruby object that has a call method which returns a value (e.g. proc or lambda). Naturally you can drop in whatever authentication you'd like

data/lib/sinatra/rest_json.rb CHANGED

@@ -6,18 +6,43 @@ module Sinatra
     NOT_FOUND = { :errors => ["record doesn't exist"] }.to_json
     MODEL_REGEX = /([A-Z0-9]{1}[a-z0-9]+)/
+    NO_AUTH = lambda { true }
+    DEFAULT_AUTH = {
+      :all => NO_AUTH,
+      :find => NO_AUTH,
+      :create => NO_AUTH,
+      :update => NO_AUTH,
+      :delete => NO_AUTH
+    }
     def rest_json(model_class, opts = {})
       model_name = model_class.name.scan(MODEL_REGEX).join("_").downcase
       route_name = model_class.table_name
+      options = opts.clone
+      options[:authenticate] ||= {}
+      authenticate = DEFAULT_AUTH.merge(options[:authenticate])
       # all
       get "/#{route_name}" do
+        authorized = authenticate[:all].call
+        unless authorized
+          halt 401, "Not authorized\n"
+        end
         content_type :json
         "["  + model_class.all.collect { |m| m.to_json }.join(",") + "]"
       end
       # find
       get "/#{route_name}/:id" do
+        authorized = authenticate[:find].call
+        unless authorized
+          halt 401, "Not authorized\n"
+        end
         content_type :json
         model = model_class.find(params[:id].to_i)
@@ -29,7 +54,13 @@ module Sinatra
       end
       # create
-      put "/#{route_name}" do
+      post "/#{route_name}" do
+        authorized = authenticate[:create].call
+        unless authorized
+          halt 401, "Not authorized\n"
+        end
         content_type :json
         model = model_class.new(params[model_name])
@@ -42,7 +73,13 @@ module Sinatra
       end
       # update
-      post "/#{route_name}/:id" do
+      put "/#{route_name}/:id" do
+        authorized = authenticate[:update].call
+        unless authorized
+          halt 401, "Not authorized\n"
+        end
         content_type :json
         model = model_class.find(params[:id].to_i)
@@ -60,6 +97,13 @@ module Sinatra
       # delete
       delete "/#{route_name}/:id" do
+        authorized = authenticate[:delete].call
+        unless authorized
+          halt 401, "Not authorized\n"
+        end
         content_type :json
         model = model_class.find(params[:id].to_i)
@@ -74,5 +118,6 @@ module Sinatra
   end
   register REST
 end

data/sinatra-rest-json.gemspec CHANGED

@@ -1,6 +1,6 @@
 Gem::Specification.new do |s|
   s.name        = 'sinatra-rest-json'
-  s.version     = '0.1'
+  s.version     = '0.2'
   s.date        = '2014-05-05'
   s.summary     = "Easy rest routes for Sinatra Applciations"

data/test/test_sinatra_rest_json.rb CHANGED

@@ -4,7 +4,7 @@ require 'rack/test'
 require "minitest/autorun"
 require 'sinatra/base'
-require 'sinatra/rest-json'
+require 'sinatra/rest_json'
 require 'json'
 require File.join(File.dirname(__FILE__), "helper")
@@ -15,6 +15,7 @@ class TestApp < Sinatra::Base
 end
 describe "app" do
   include Rack::Test::Methods
@@ -103,5 +104,71 @@ describe "app" do
       assert_equal FooModel.all.size, 0
     end
   end
+end
+class AuthenticatedTestApp < Sinatra::Base
+  register Sinatra::REST
+  rest_json FooModel, :authenticate => {
+    :all => lambda { true },
+    :find => lambda { true },
+    :create => lambda { false },
+    :update => lambda { false },
+    :delete => lambda { false }
+  }
+end
+describe "authenticated app" do
+  include Rack::Test::Methods
+  def app
+    AuthenticatedTestApp
+  end
+  before do
+    FooModel.destroy_all
+  end
+  describe "GET /" do
+    it "should allow all when data" do
+      FooModel.create(:name => "foo1")
+      get "/foo_models"
+      assert_equal last_response.status, 200
+    end
+  end
+  describe "GET /foo_models/:id" do
+    it "should allow finding a model" do
+      FooModel.create(:name => "foo1")
+      get "/foo_models/1"
+      assert_equal last_response.status, 200
+    end
+  end
+  describe "POST /foo_models" do
+    it "should not allow creation" do
+      assert_equal FooModel.all.size, 0
+      post "/foo_models", { :foo_model => { :name => "foo1" } }
+      assert_equal last_response.status, 401
+    end
+  end
+   describe "PUT /foo_models/:id" do
+    it "should not allow updating" do
+      FooModel.create(:name => "foo1")
+      put "/foo_models/1", { :foo_model => { :name => "boo" } }
+      assert_equal last_response.status, 401
+    end
+  end
+  describe "DELETE /foo_models/:id" do
+    it "should now allow deletion" do
+      FooModel.create(:name => "foo1")
+      delete "/foo_models/1"
+      assert_equal last_response.status, 401
+    end
+  end
 end

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: sinatra-rest-json
 version: !ruby/object:Gem::Version
-  version: '0.1'
+  version: '0.2'
 platform: ruby
 authors:
 - Joshua Carver
@@ -49,7 +49,6 @@ files:
 - LICENSE
 - README.md
 - Rakefile
-- lib/sinatra/rest-json.rb
 - lib/sinatra/rest_json.rb
 - sinatra-rest-json.gemspec
 - test/helper.rb

data/lib/sinatra/rest-json.rb DELETED

@@ -1,78 +0,0 @@
-require 'sinatra/base'
-require 'json'
-module Sinatra
-  module REST
-    NOT_FOUND = { :errors => ["record doesn't exist"] }.to_json
-    MODEL_REGEX = /([A-Z0-9]{1}[a-z0-9]+)/
-    def rest_json(model_class, opts = {})
-      model_name = model_class.name.scan(MODEL_REGEX).join("_").downcase
-      route_name = model_class.table_name
-      # all
-      get "/#{route_name}" do
-        content_type :json
-        "["  + model_class.all.collect { |m| m.to_json }.join(",") + "]"
-      end
-      # find
-      get "/#{route_name}/:id" do
-        content_type :json
-        model = model_class.find(params[:id].to_i)
-        if model.nil?
-         NOT_FOUND
-        else
-          model.to_json
-        end
-      end
-      # create
-      post "/#{route_name}" do
-        content_type :json
-        model = model_class.new(params[model_name])
-        if model.save
-          model.to_json
-        else
-          { :errors => model.errors }.to_json
-        end
-      end
-      # update
-      put "/#{route_name}/:id" do
-        content_type :json
-        model = model_class.find(params[:id].to_i)
-        if model.nil?
-          NOT_FOUND
-        else
-          if model.update_attributes(params[model_name])
-            model.to_json
-          else
-            { :errors => model.errors }.to_json
-          end
-        end
-      end
-      # delete
-      delete "/#{route_name}/:id" do
-        content_type :json
-        model = model_class.find(params[:id].to_i)
-        if model.nil?
-          NOT_FOUND
-        else
-          model.destroy.to_json
-        end
-      end
-    end
-  end
-  register REST
-end